Microsoft Office Document Encryption

Faculty and staff are encouraged to
encrypt all documents containing sensitive information. Please note
that while the example below refers to Microsoft Word 2003, the
method is equally available under other Microsoft Office versions
(XP, 2007) and other Office components (Excel, PowerPoint).

2. Next, enter a 'Password to open' and/or a 'Password to
modify', as appropriate. While 'Password to open' best addresses
confidentiality concerns, 'Password to modify' can instead or
additionally be useful in instances where you want to protect your
document against accidental and/or intentional modification.

3. Note when you click 'OK' bottom of above menu, you will be
asked to confirm the password(s) you have entered. Much like making
any password change, if the two strings you enter do not match,
your attempt to password protect your document will fail.

4. Click 'OK' and 'OK' to return to the main 'Save As' window,
then save as usual.

5. To test you've done all this correctly, exit Word, then
double-click or otherwise re-open your document. You should be
prompted for a password.

That in a nutshell is the mechanics of Microsoft Office
encryption; now for several important caveats.

Caveats

First, it is vitally important to understand that if you encrypt
your only copy of a document and forget the password, you will
never be able to open that document again. Encryption passwords
cannot be reset like login passwords; once the password is
forgotten, so is your ability to open your file. It is therefore
imperative that you never forget your encryption passwords.

Second, if you intend to email or otherwise share a protected
document, the recipient must be told the password(s) used if they
are to be able to open or modify it. It therefore follows you
should never use your email password or any other personal password
to protect documents you intend to share. It also follows you
should not send the password in the same email or with the same
media containing the encrypted document - otherwise anyone lucky or
devious enough to intercept the document would also have the means
to decrypt it. The safest way around this dilemma is to share the
encryption password using entirely separate means. If you send your
document via email for instance, provide the password either
face-to-face or over the phone.

Third, in the same way you should not use the same password for
all of your accounts, you should not use the same password to
protect all of your documents. If you have documents you would
share with a colleague Bill for instance but never with another
colleague Ted, you should really use different passwords with each
(otherwise Ted will be able to read your documents to Bill should
he ever come into possession of them).